Overview

overview

5

Static

static

1

4-NOTIFICA...-4.msg

windows7-x64

5

4-NOTIFICA...-4.msg

windows10-2004-x64

3

5- DEMANDA...-3.svg

windows7-x64

3

5- DEMANDA...-3.svg

windows10-2004-x64

3

Resubmissions

25-09-2024 06:14

240925-gzpjtsselc 5

25-09-2024 04:21

240925-eym89svdmn 5

Analysis

  • max time kernel
    122s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25-09-2024 04:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5- DEMANDA LABORAL JUZGADO 02 LABORAL DEL CIRCUITO-3.svg

  • Size

    382KB

  • MD5

    cb5f7c144a3d5edc7b366f781f0ee5ca

  • SHA1

    cefcd42d12ec1a5e61d060e5dd7217c4e3822248

  • SHA256

    fbf3745834e07063ca47e29d598462f273a1d172260bb21f213b8bfd0e7d7b6c

  • SHA512

    fef6013c9766e4cd052d7526fc54b8717762c8441d1b67932752aab13bf3cbd47c4de7bfe943e7e659d28cc330883c1b5dc1d1d97debdce4d3955dc4fdf1f044

  • SSDEEP

    3072:4tonuDJ9Qw0ySFvMXPugjPoyUtjSRtonOtDKjDPuk/s6qfu1bru4pbasto0Dyxxb:2LsuC4fBpCoK21dE+XlpJGwSsKldE

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\5- DEMANDA LABORAL JUZGADO 02 LABORAL DEL CIRCUITO-3.svg"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee2d343f02d6b616be5c870d72f9b994

    SHA1

    ee0eaf673eaaaf95b7b64ba7b2885fd13691ba28

    SHA256

    5fa1bd5952cc1cb17aa64886ac3f29175abb493a7f44ed522adf90358e684c72

    SHA512

    ed199fd02b80aa1c34b742a4f46f32af194a576fb7152917c6bbb9065c385aa716333db6228ff3b96c71a83826fbfa9bc72d62ad61f2bc340ff27669d6bd59a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    045ddf602bd6dcb869a2748db54448fe

    SHA1

    2344972fcabd9df3e818cdbb8a204dd5ddae1ad3

    SHA256

    fe8117d9c84a7923d52c06de7e2773f32e7551a476912fdf2e0bc9aa1515f53b

    SHA512

    7eeba14fbbc3c5aff1d3f78d9bb86261c1e6eb4b62d9258b64a9c761dda964aa886258d943d693f6aafc91d4471c2eb815a9bd730513606db42d92164be23fe9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa637e78d128011b9e388dd1f5bd2bf7

    SHA1

    229e807db0d0f8d6e7d76ab9ab75b3e7e56d8c56

    SHA256

    db89c5395f29646a892975507790a0bbdbca1df50c5702ccc933dce301e18729

    SHA512

    d6e219cd601b76f022b746e0f64dca5a34d42ccd4171c9d41e7380eed933f16eccf31f81513f5d6dd76ffc215da84290a63d41b67d1e8d27a20ccd015acd96f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c827d96ff8303bce39d8b6a4372937f

    SHA1

    0c55fc161f16dc7874612f44a7484d88f5b742d0

    SHA256

    5da87dccebc720dd0e8eb604ebf2dcd2ae6f0bbcd6e3d44ac8eb11ddd5cff796

    SHA512

    b0dcdb733c0dd448d08ece8ef6259d87c6bd4dc946df83b6a093ff44ace7f2a57911d7c377490bfa9bbdf667fd82b6da88008b821de541aed6551afbf46a1974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    edd6f9adf44c220f21fb5c68dc75a885

    SHA1

    3eb7e7bf6a309232bc291bd30c5d7eea33752ad2

    SHA256

    8cf358cd51a33e1b339b2ce395f4c651a3df797c401578c4e8b804a147f06873

    SHA512

    75cbd2363bfcd2754c8cad2d581aeeeca82fb6e7f77982ac8169c6c9d216e43722380699a27cff4b5d17203a39ce49102b3c641001abd03e49e11938994dccbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91df29a083d9781c9a72b58bf78e136b

    SHA1

    d83cdc549ad7d03cef027896e1156ed444f50584

    SHA256

    7d535e28ff486d3b564eb57982f15f3687cd8b57ba3a6ca5c06d304c6db0a663

    SHA512

    c2790b8e815cece84cae38d890cd7379451cc3b9f53e327edc2f60a4aad8bf62322315c169e0c7a4cf3e04865058e96b7e7cfd9d8ea656719f0b32fa319bd58f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96b1c14bd6edea22e029f743bd8537ce

    SHA1

    e8a79afffb7133afc574cb6f2c580923fd4d9209

    SHA256

    f392c439b3d153be95d6a7003e80b71f03dfecc82e81a0b6ed4d4e3982452cb5

    SHA512

    5f4d1d3a495abb95c8e59f6e0f445f8014c6ca69479f33055dbee002a867f9000577c8388f48b81a95d93f73a674b3df79e7bcd7a604b025f6493ee2f264a41f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c598943c101bcc592ccc8ba1d1a0e5b

    SHA1

    58d4510160ab3bf51b5ea956253098e1b955fd6a

    SHA256

    72b591fbb04224733843631b747cc671bb391fc41d8671855c32f45cf9f62699

    SHA512

    04b9a065cedc6d59bdb31eee7399fc213ef6b1204f8cb8535334449ab23e7921fdcbff51fbbf8bc7eeda8cb42f6c7f9a2a8e6b82156d961f39c951b871efa34e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b27f3e3818bc98354b8466a702eccc4f

    SHA1

    08a0af62984d9db7746c9dc0ca25dd875e2c8409

    SHA256

    0cd8a279d9e420b9a3cdfedfe83b871bd8cbdff7acc4cc1fe0ba5664f2f5f3a9

    SHA512

    ac2be89e36b6911a326b035337447feafb2964377288cb36ef296499926a82c61af95c2a91b934ff1704cb25ed2dba2bdeda1ce14ee633f8dcf0ee214de8f9df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c56f21bca6d3e8f8711dd7c0cce7cd9b

    SHA1

    d73ba36fa8879278b7f7195763c8b823217c80c7

    SHA256

    43cfc60b54de927191992eb8db77a2017fe29944a7ca693527848caffaf191b3

    SHA512

    1cc4d62214a2def19da3a0de1a7d71df7fdb33ae6f62d3f7b263fcdc9b24a04bfcaf41a38b3722b48a6f028ea38bb92ef99b83200ad951081b812dda2071f8b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc4ed946aec3a63be7aecb04c4a7c381

    SHA1

    2f0946378b35d3cb961a862e4eff1707e84bff25

    SHA256

    f88cdaf6998a325b05e95c26522472f8aa6386d4aac2e33793c8237bad2a3234

    SHA512

    ab7b2d75bda005c1c5d53cfe7fd17ef8c332ebb6a3cb43cde352b80d1281f49ad74dac4505df4f6c89ac857df3fa78c61961a5f3f70718c72c6f4f7ce1444e65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4a9b2bdd4752b925c5d56059e17c030

    SHA1

    3885f47f86bec90e9ba455c56c37d4ef5828e7b0

    SHA256

    19cf6cd228b343151dc83725d19df700130efc5233d685586622b1d57c12e3b1

    SHA512

    8c288751e9b0cd8317788409538967e59d578f8af8268345983d71b5a0a0be775229fe3b24c9763bb0121f643ee06d05cc553b7400f5460f7ac5b0a82dd19dce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3df2d5200a5bf879a5334471c8eaf78a

    SHA1

    c59a9b826f40238ba05151ddddc1c61a321bf2de

    SHA256

    f482ae8e1437ea7a45cb25578a2e5fac8b78d6f5b9b2bdebd8a6f21d21146680

    SHA512

    21ae6ff1f72f832942fa4f387d7526bf7cba85cd6a2c70403bd4fcaa814bfa4b5c87476665914dc1e7b013d645edff732c175f82d019b634b6200ff611385358

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7460745adff098b1a578c09f8c52f97f

    SHA1

    304b4815a7e3c6fd5f67d8ba9c0d07aedfb95e95

    SHA256

    a2f3cd2797fbf9caf451335ea1ffed1c9ba5b198f7293db034d3237e6708a62a

    SHA512

    5fd60ddc11a4fb29464102f575f44e5e19b4d8f36552751d3d6492927734a674666c3a8f2d902b093691f3ad9ec4f4920446287c6b49dea5de7e807a2e246b1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4572b1b5a894c7ffff1bd74066d66b67

    SHA1

    0d0e6cf91e235c74a72356359ccbb5110839ace2

    SHA256

    77bd801b0f7ac34571e7793c863d978d13c5b60765c6ce7af3940324dbd9020b

    SHA512

    58c0fb7d603ca09cc252b3b1af4260aa449cfa10c9467808b30f2f1ea21e2433b30ca8fdffcd1625ddab8b5fe650e36df511e6677c2be72c903ec0407fbe6ce0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac4f5e3bcebd669d0eb9076cecf7cbd5

    SHA1

    fe42608b99e100b62a890afa5e605a1514dcbebd

    SHA256

    27cba5f6673499dc4d93b238ca7bf0ff3da62c9f2d56640e4f7bb3f7c9679a7b

    SHA512

    73da343bdb491629f6385a3a0c2a6b75146ff4461d66a983ea298d8b8b0e9ccfe111b051e04b2794aa623c28820bc7de0ac9f89204d04581f1b0c66c241d2996

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67533a2576d24fef708248029363040a

    SHA1

    45cdfe078f7087c2a52fa4f24a7ca409a419a81f

    SHA256

    e19a96e4fccd8c7682e0977488a2a4cef74f4de69243358e46c5795b7d0a9ce9

    SHA512

    da176caa10b2badd69b74c57aa45dbe4c4ed826f8f561fc81a19ff9a3cffebbaa910f3a1a34848a5e8f10479a13a92ada1074bfcb20f2d54e382800f631f5d64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6598.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6648.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit